Recent years have brought significant advances in networking technology and reduced pricing, resulting in a significant buildup of networking infrastructure. As illustrated in FIG. 1, many households 100 and businesses 106 are interconnected through private and public networks 104, the most well-known network being the Internet. Most networks now utilize the Transmission Control Protocol/Internet Protocol (TCP/IP) communication protocol, in which network locations are assigned a globally unique 32-bit numeric address typically presented in dotted-quad notation (four numbers each having values of zero to 255). TCP/IP network traffic is routed based on a destination IP address for the traffic.
Unfortunately, the explosive growth of the Internet has resulted in a shortage of available network addresses. To compensate, attempts have been made to share a single network address among multiple computers. One well-known example is Network Address Translation (NAT), which hides an internal network behind an access point 102, 108 in communication with an external network 104 by routing network traffic through the access point. Internal networks generally use private network addresses that are not routable on the public network without translation. During operation, access points 102, 108 translate the source IP addresses and ports of outgoing network traffic to map the traffic to an external or public address of the access point and a unique port. Conversely, the access point translates the destination IP address and unique port of incoming network traffic back to the original internal address and port. However, access points generally ignore incoming network traffic not received in response to outgoing network traffic that was translated, and incoming traffic directed to unmapped ports.
Network traffic translation performed by a translating access point such as a NAT gateway/router 102, firewall 108, or the like, is transparent to many applications. However, such translations break some protocols under certain circumstances, such as audiovisual conferencing protocols, security protocols, game protocols, and other protocols that embed a machine's network address within network traffic. For example, International Telecommunication Union (ITU) standard H.323, Internet Engineering Task Force (IETF) Media Gateway Control Protocol (MGCP/Megaco), IETF Session Initiation Protocol (SIP), IP Security (IPSec), end-to-end security models not allowing packet header alterations, and the File Transfer Protocol (FTP), are all examples of protocols that break if used behind translating access points such as NAT devices.
For example, in FIG. 1, an H.323 client 116 inspects its network configuration and registers it with an H.323 gateway 118 as protocol data. Similarly, H.323 client 110 registers itself with the gateway. However, because H.323 client 110 receives network service from an Internet service provider 112 that is in a private network behind a NAT gateway/router 114, the configuration indicated in the protocol data for client 110 cannot be used by H.323 gateway 118 or client 116 to access client 110.
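The translation behaviour and the registration failure described above can be seen in a small simulation, added here as an illustration and not taken from the original document. The class name, function name, addresses and ports are all constructed assumptions, and the access point is simplified to a single port-mapping table.

```python
class NatAccessPoint:
    """Toy port-translating access point; it rewrites headers, never payloads."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (internal ip, internal port) -> unique public port
        self.in_map = {}   # unique public port -> (internal ip, internal port)

    def outbound(self, pkt):
        key = (pkt["src"], pkt["sport"])
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return {**pkt, "src": self.public_ip, "sport": self.out_map[key]}

    def inbound(self, pkt):
        # Traffic for another address or an unmapped port is ignored.
        if pkt["dst"] != self.public_ip or pkt["dport"] not in self.in_map:
            return None
        ip, port = self.in_map[pkt["dport"]]
        return {**pkt, "dst": ip, "dport": port}


def demo():
    # Constructed sample values: documentation and private address ranges.
    nat = NatAccessPoint("203.0.113.7")
    gateway = ("198.51.100.20", 5000)
    # The client registers, embedding its own view of its address as protocol data.
    reg = {"src": "10.0.0.5", "sport": 3000, "dst": gateway[0], "dport": gateway[1],
           "payload": {"contact_ip": "10.0.0.5", "contact_port": 3000}}
    seen = nat.outbound(reg)  # what the gateway receives
    # Reply to the translated header source: mapped, so it is delivered.
    reply = nat.inbound({"src": gateway[0], "sport": gateway[1],
                         "dst": seen["src"], "dport": seen["sport"], "payload": {}})
    # New call to the embedded contact address: private, so it goes nowhere.
    c = seen["payload"]
    call_private = nat.inbound({"src": gateway[0], "sport": gateway[1],
                                "dst": c["contact_ip"], "dport": c["contact_port"], "payload": {}})
    # Same call aimed at the public address but the embedded port: unmapped.
    call_unmapped = nat.inbound({"src": gateway[0], "sport": gateway[1],
                                 "dst": nat.public_ip, "dport": c["contact_port"], "payload": {}})
    return seen, reply, call_private, call_unmapped


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The header of the registration carries the translated public address and port, while the protocol data still carries the private ones, which is why only the direct reply reaches the client.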
One proposed solution to this problem is to modify access points to be aware of the protocol. Unfortunately, due to the large number of installed access points, this is an expensive solution. To work properly, all translating access points have to be revised to support the protocol; if any one upstream non-supporting translating access point is reached, then the protocol fails.